未验证
提交
de8b9aee
编写于
8月 16, 2022
作者:
J
Jack Li
提交者:
GitHub
8月 16, 2022
Merge pull request #81 from ljc545w/fix/sql-encoding-err
修复sql编码错误问题
上级
e1afae91
4c8bcd03
变更
4
Showing
4 changed file
with
179 addition
and
142 deletion
+179
-142
CWeChatRobot/DbExecuteSql.cpp
CWeChatRobot/DbExecuteSql.cpp
+163
-139
CWeChatRobot/pch.cpp
CWeChatRobot/pch.cpp
+12
-0
CWeChatRobot/pch.h
CWeChatRobot/pch.h
+4
-3
Release/CWeChatRobot.exe
Release/CWeChatRobot.exe
+0
-0
CWeChatRobot/DbExecuteSql.cpp
#include "pch.h"
// 调用DLL接口时的参数
struct
executeParams
{
DWORD
ptrDb
;
DWORD
ptrSql
;
struct
executeParams
{
DWORD
ptrDb
;
DWORD
ptrSql
;
};
// 接收DLL的返回数据,包括动态数组首地址和数组长度
struct
executeResult
{
DWORD
SQLResultData
;
DWORD
length
;
struct
executeResult
{
DWORD
SQLResultData
;
DWORD
length
;
};
// 保存ReadProcessMemory读出的结构体
struct
SQLResultAddrStruct
{
DWORD
ColName
;
DWORD
l_ColName
;
DWORD
content
;
DWORD
l_content
;
DWORD
isblob
;
struct
SQLResultAddrStruct
{
DWORD
ColName
;
DWORD
l_ColName
;
DWORD
content
;
DWORD
l_content
;
DWORD
isblob
;
};
// vector的数据结构
struct
VectorStruct
{
struct
VectorStruct
{
#ifdef _DEBUG
DWORD
v_head
;
DWORD
v_head
;
#endif
DWORD
v_data
;
DWORD
v_end1
;
DWORD
v_end2
;
DWORD
v_data
;
DWORD
v_end1
;
DWORD
v_end2
;
};
// 保存SQL查询结构的基础结构
struct
SQLResultStruct
{
wchar_t
*
ColName
;
wchar_t
*
content
;
unsigned
char
*
BlobContent
;
int
BlobLength
;
struct
SQLResultStruct
{
wchar_t
*
ColName
;
wchar_t
*
content
;
unsigned
char
*
BlobContent
;
int
BlobLength
;
};
// 查询结果是一个二维数组
vector
<
vector
<
SQLResultStruct
>>
SQLResult
;
// 每次查询前清空前一次查询到的结果
void
ClearResultArray
()
{
if
(
SQLResult
.
size
()
==
0
)
return
;
for
(
unsigned
int
i
=
0
;
i
<
SQLResult
.
size
();
i
++
)
{
for
(
unsigned
j
=
0
;
j
<
SQLResult
[
i
].
size
();
j
++
)
{
SQLResultStruct
*
sr
=
(
SQLResultStruct
*
)
&
SQLResult
[
i
][
j
];
if
(
sr
->
ColName
)
{
delete
sr
->
ColName
;
sr
->
ColName
=
NULL
;
}
if
(
sr
->
content
)
{
delete
sr
->
content
;
sr
->
content
=
NULL
;
}
if
(
sr
->
BlobContent
)
{
delete
sr
->
BlobContent
;
sr
->
BlobContent
=
NULL
;
}
}
SQLResult
[
i
].
clear
();
}
SQLResult
.
clear
();
void
ClearResultArray
()
{
if
(
SQLResult
.
size
()
==
0
)
return
;
for
(
unsigned
int
i
=
0
;
i
<
SQLResult
.
size
();
i
++
)
{
for
(
unsigned
j
=
0
;
j
<
SQLResult
[
i
].
size
();
j
++
)
{
SQLResultStruct
*
sr
=
(
SQLResultStruct
*
)
&
SQLResult
[
i
][
j
];
if
(
sr
->
ColName
)
{
delete
sr
->
ColName
;
sr
->
ColName
=
NULL
;
}
if
(
sr
->
content
)
{
delete
sr
->
content
;
sr
->
content
=
NULL
;
}
if
(
sr
->
BlobContent
)
{
delete
sr
->
BlobContent
;
sr
->
BlobContent
=
NULL
;
}
}
SQLResult
[
i
].
clear
();
}
SQLResult
.
clear
();
}
// 遍历查询结果,构造SAFEARRAY
SAFEARRAY
*
CreateSQLResultSafeArray
()
{
if
(
SQLResult
.
size
()
==
0
||
SQLResult
[
0
].
size
()
==
0
)
return
NULL
;
SAFEARRAYBOUND
rgsaBound
[
2
]
=
{
{
SQLResult
.
size
()
+
1
,
0
},{
SQLResult
[
0
].
size
(),
0
}};
SAFEARRAY
*
psaValue
=
SafeArrayCreate
(
VT_VARIANT
,
2
,
rgsaBound
);
HRESULT
hr
=
S_OK
;
long
Index
[
2
]
=
{
0
,
0
};
for
(
unsigned
int
i
=
0
;
i
<
SQLResult
.
size
();
i
++
)
{
for
(
unsigned
int
j
=
0
;
j
<
SQLResult
[
i
].
size
();
j
++
)
{
SQLResultStruct
*
ptrResult
=
(
SQLResultStruct
*
)
&
SQLResult
[
i
][
j
];
if
(
i
==
0
)
{
Index
[
0
]
=
0
;
Index
[
1
]
=
j
;
hr
=
SafeArrayPutElement
(
psaValue
,
Index
,
&
(
_variant_t
)
ptrResult
->
ColName
);
}
Index
[
0
]
=
i
+
1
;
Index
[
1
]
=
j
;
if
(
ptrResult
->
content
)
hr
=
SafeArrayPutElement
(
psaValue
,
Index
,
&
(
_variant_t
)
ptrResult
->
content
);
else
{
VARIANT
varChunk
;
SAFEARRAY
*
bsa
;
BYTE
*
pByte
=
NULL
;
SAFEARRAYBOUND
rgsabound
[
1
];
rgsabound
[
0
].
cElements
=
ptrResult
->
BlobLength
;
rgsabound
[
0
].
lLbound
=
0
;
bsa
=
SafeArrayCreate
(
VT_UI1
,
1
,
rgsabound
);
SafeArrayAccessData
(
bsa
,
(
void
**
)
&
pByte
);
memcpy
(
pByte
,
ptrResult
->
BlobContent
,
ptrResult
->
BlobLength
);
SafeArrayUnaccessData
(
bsa
);
varChunk
.
vt
=
VT_ARRAY
|
VT_UI1
;
varChunk
.
parray
=
bsa
;
hr
=
SafeArrayPutElement
(
psaValue
,
Index
,
&
(
_variant_t
)
varChunk
);
}
}
}
return
psaValue
;
SAFEARRAY
*
CreateSQLResultSafeArray
()
{
if
(
SQLResult
.
size
()
==
0
||
SQLResult
[
0
].
size
()
==
0
)
return
NULL
;
SAFEARRAYBOUND
rgsaBound
[
2
]
=
{{
SQLResult
.
size
()
+
1
,
0
},
{
SQLResult
[
0
].
size
(),
0
}};
SAFEARRAY
*
psaValue
=
SafeArrayCreate
(
VT_VARIANT
,
2
,
rgsaBound
);
HRESULT
hr
=
S_OK
;
long
Index
[
2
]
=
{
0
,
0
};
for
(
unsigned
int
i
=
0
;
i
<
SQLResult
.
size
();
i
++
)
{
for
(
unsigned
int
j
=
0
;
j
<
SQLResult
[
i
].
size
();
j
++
)
{
SQLResultStruct
*
ptrResult
=
(
SQLResultStruct
*
)
&
SQLResult
[
i
][
j
];
if
(
i
==
0
)
{
Index
[
0
]
=
0
;
Index
[
1
]
=
j
;
hr
=
SafeArrayPutElement
(
psaValue
,
Index
,
&
(
_variant_t
)
ptrResult
->
ColName
);
}
Index
[
0
]
=
i
+
1
;
Index
[
1
]
=
j
;
if
(
ptrResult
->
content
)
hr
=
SafeArrayPutElement
(
psaValue
,
Index
,
&
(
_variant_t
)
ptrResult
->
content
);
else
{
VARIANT
varChunk
;
SAFEARRAY
*
bsa
;
BYTE
*
pByte
=
NULL
;
SAFEARRAYBOUND
rgsabound
[
1
];
rgsabound
[
0
].
cElements
=
ptrResult
->
BlobLength
;
rgsabound
[
0
].
lLbound
=
0
;
bsa
=
SafeArrayCreate
(
VT_UI1
,
1
,
rgsabound
);
SafeArrayAccessData
(
bsa
,
(
void
**
)
&
pByte
);
memcpy
(
pByte
,
ptrResult
->
BlobContent
,
ptrResult
->
BlobLength
);
SafeArrayUnaccessData
(
bsa
);
varChunk
.
vt
=
VT_ARRAY
|
VT_UI1
;
varChunk
.
parray
=
bsa
;
hr
=
SafeArrayPutElement
(
psaValue
,
Index
,
&
(
_variant_t
)
varChunk
);
}
}
}
return
psaValue
;
}
// 读出查询结果
VOID
ReadSQLResultFromWeChatProcess
(
HANDLE
hProcess
,
DWORD
dwHandle
)
{
executeResult
result
=
{
0
};
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
result
,
sizeof
(
executeResult
),
0
);
for
(
unsigned
int
i
=
0
;
i
<
result
.
length
;
i
++
)
{
VectorStruct
v_temp
=
{
0
};
vector
<
SQLResultStruct
>
s_temp
;
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
result
.
SQLResultData
,
&
v_temp
,
sizeof
(
VectorStruct
),
0
);
while
(
v_temp
.
v_data
<
v_temp
.
v_end1
)
{
SQLResultAddrStruct
sqlresultAddr
=
{
0
};
SQLResultStruct
sqlresult
=
{
0
};
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
v_temp
.
v_data
,
&
sqlresultAddr
,
sizeof
(
SQLResultAddrStruct
),
0
);
char
*
ColName
=
new
char
[
sqlresultAddr
.
l_ColName
+
1
];
sqlresult
.
ColName
=
new
wchar_t
[
sqlresultAddr
.
l_ColName
+
1
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
sqlresultAddr
.
ColName
,
ColName
,
sqlresultAddr
.
l_ColName
+
1
,
0
);
MultiByteToWideChar
(
CP_ACP
,
0
,
ColName
,
-
1
,
sqlresult
.
ColName
,
strlen
(
ColName
)
+
1
);
char
*
content
=
new
char
[
sqlresultAddr
.
l_content
+
1
];
if
(
!
sqlresultAddr
.
isblob
)
{
sqlresult
.
content
=
new
wchar_t
[
sqlresultAddr
.
l_content
+
1
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
sqlresultAddr
.
content
,
content
,
sqlresultAddr
.
l_content
+
1
,
0
);
MultiByteToWideChar
(
CP_UTF8
,
0
,
content
,
-
1
,
sqlresult
.
content
,
strlen
(
content
)
+
1
);
sqlresult
.
BlobContent
=
NULL
;
}
else
{
sqlresult
.
BlobContent
=
new
unsigned
char
[
sqlresultAddr
.
l_content
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
sqlresultAddr
.
content
,
sqlresult
.
BlobContent
,
sqlresultAddr
.
l_content
,
0
);
sqlresult
.
BlobLength
=
sqlresultAddr
.
l_content
;
sqlresult
.
content
=
NULL
;
}
delete
[]
ColName
;
ColName
=
NULL
;
delete
[]
content
;
content
=
NULL
;
v_temp
.
v_data
+=
sizeof
(
SQLResultAddrStruct
);
s_temp
.
push_back
(
sqlresult
);
}
SQLResult
.
push_back
(
s_temp
);
result
.
SQLResultData
+=
sizeof
(
VectorStruct
);
}
VOID
ReadSQLResultFromWeChatProcess
(
HANDLE
hProcess
,
DWORD
dwHandle
)
{
executeResult
result
=
{
0
};
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
dwHandle
,
&
result
,
sizeof
(
executeResult
),
0
);
for
(
unsigned
int
i
=
0
;
i
<
result
.
length
;
i
++
)
{
VectorStruct
v_temp
=
{
0
};
vector
<
SQLResultStruct
>
s_temp
;
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
result
.
SQLResultData
,
&
v_temp
,
sizeof
(
VectorStruct
),
0
);
while
(
v_temp
.
v_data
<
v_temp
.
v_end1
)
{
SQLResultAddrStruct
sqlresultAddr
=
{
0
};
SQLResultStruct
sqlresult
=
{
0
};
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
v_temp
.
v_data
,
&
sqlresultAddr
,
sizeof
(
SQLResultAddrStruct
),
0
);
char
*
ColName
=
new
char
[
sqlresultAddr
.
l_ColName
+
1
];
sqlresult
.
ColName
=
new
wchar_t
[
sqlresultAddr
.
l_ColName
+
1
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
sqlresultAddr
.
ColName
,
ColName
,
sqlresultAddr
.
l_ColName
+
1
,
0
);
MultiByteToWideChar
(
CP_ACP
,
0
,
ColName
,
-
1
,
sqlresult
.
ColName
,
strlen
(
ColName
)
+
1
);
char
*
content
=
new
char
[
sqlresultAddr
.
l_content
+
1
];
if
(
!
sqlresultAddr
.
isblob
)
{
sqlresult
.
content
=
new
wchar_t
[
sqlresultAddr
.
l_content
+
1
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
sqlresultAddr
.
content
,
content
,
sqlresultAddr
.
l_content
+
1
,
0
);
MultiByteToWideChar
(
CP_UTF8
,
0
,
content
,
-
1
,
sqlresult
.
content
,
strlen
(
content
)
+
1
);
sqlresult
.
BlobContent
=
NULL
;
}
else
{
sqlresult
.
BlobContent
=
new
unsigned
char
[
sqlresultAddr
.
l_content
];
ReadProcessMemory
(
hProcess
,
(
LPCVOID
)
sqlresultAddr
.
content
,
sqlresult
.
BlobContent
,
sqlresultAddr
.
l_content
,
0
);
sqlresult
.
BlobLength
=
sqlresultAddr
.
l_content
;
sqlresult
.
content
=
NULL
;
}
delete
[]
ColName
;
ColName
=
NULL
;
delete
[]
content
;
content
=
NULL
;
v_temp
.
v_data
+=
sizeof
(
SQLResultAddrStruct
);
s_temp
.
push_back
(
sqlresult
);
}
SQLResult
.
push_back
(
s_temp
);
result
.
SQLResultData
+=
sizeof
(
VectorStruct
);
}
}
SAFEARRAY
*
ExecuteSQL
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
sql
)
{
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
NULL
;
ClearResultArray
();
// DWORD ExecuteSQLRemoteAddr = hp.GetProcAddr(ExecuteSQLRemote);
DWORD
ExecuteSQLRemoteAddr
=
hp
.
GetProcAddr
(
SelectDataRemote
);
if
(
ExecuteSQLRemoteAddr
==
0
)
return
NULL
;
char
*
a_sql
=
_com_util
::
ConvertBSTRToString
(
sql
);
WeChatData
<
char
*>
r_sql
(
hp
.
GetHandle
(),
a_sql
,
TEXTLENGTHA
(
a_sql
));
executeParams
params
=
{
0
};
params
.
ptrDb
=
DbHandle
;
params
.
ptrSql
=
(
DWORD
)
r_sql
.
GetAddr
();
WeChatData
<
executeParams
*>
r_params
(
hp
.
GetHandle
(),
&
params
,
sizeof
(
params
));
if
(
r_sql
.
GetAddr
()
==
0
||
r_params
.
GetAddr
()
==
0
)
return
NULL
;
DWORD
ret
=
CallRemoteFunction
(
hp
.
GetHandle
(),
ExecuteSQLRemoteAddr
,
r_params
.
GetAddr
());
ReadSQLResultFromWeChatProcess
(
hp
.
GetHandle
(),
ret
);
SAFEARRAY
*
psaValue
=
CreateSQLResultSafeArray
();
return
psaValue
;
}
\ No newline at end of file
SAFEARRAY
*
ExecuteSQL
(
DWORD
pid
,
DWORD
DbHandle
,
BSTR
sql
)
{
WeChatProcess
hp
(
pid
);
if
(
!
hp
.
m_init
)
return
NULL
;
ClearResultArray
();
// DWORD ExecuteSQLRemoteAddr = hp.GetProcAddr(ExecuteSQLRemote);
DWORD
ExecuteSQLRemoteAddr
=
hp
.
GetProcAddr
(
SelectDataRemote
);
if
(
ExecuteSQLRemoteAddr
==
0
)
return
NULL
;
string
s_sql
=
unicode_to_utf8
(
sql
);
WeChatData
<
char
*>
r_sql
(
hp
.
GetHandle
(),
(
char
*
)
s_sql
.
c_str
(),
s_sql
.
size
());
executeParams
params
=
{
0
};
params
.
ptrDb
=
DbHandle
;
params
.
ptrSql
=
(
DWORD
)
r_sql
.
GetAddr
();
WeChatData
<
executeParams
*>
r_params
(
hp
.
GetHandle
(),
&
params
,
sizeof
(
params
));
if
(
r_sql
.
GetAddr
()
==
0
||
r_params
.
GetAddr
()
==
0
)
return
NULL
;
DWORD
ret
=
CallRemoteFunction
(
hp
.
GetHandle
(),
ExecuteSQLRemoteAddr
,
r_params
.
GetAddr
());
ReadSQLResultFromWeChatProcess
(
hp
.
GetHandle
(),
ret
);
SAFEARRAY
*
psaValue
=
CreateSQLResultSafeArray
();
return
psaValue
;
}
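Review bot: In ReadSQLResultFromWeChatProcess every ReadProcessMemory result is ignored, and `l_ColName` / `l_content` are taken as-is from the other process even though they size the `new char[...]` buffers that `strlen` is then run on. If a read fails or comes back short the buffer is uninitialised and unterminated, and a length of 0xFFFFFFFF wraps `l_ColName + 1` to zero, so `strlen` and `MultiByteToWideChar(..., -1, ...)` read past the allocation. I would bound both lengths, check the read and terminate the buffer locally, as sketched below for the column name; the content and blob branches need the same treatment. ClearResultArray also frees these `new[]` buffers with scalar `delete`, where `delete[] sr->ColName;` (and likewise for `content` and `BlobContent`) is the matching form. In ExecuteSQL, `s_sql.size()` excludes the terminating NUL; whether WeChatData appends one is not visible here, so `s_sql.size() + 1` may be needed.

```cpp
// … unchanged: read of sqlresultAddr from v_temp.v_data …
// kMaxFieldBytes is a reviewer-chosen placeholder bound, not an existing project constant
if (sqlresultAddr.l_ColName > kMaxFieldBytes || sqlresultAddr.l_content > kMaxFieldBytes)
    break;
// value-initialise so both buffers stay NUL-terminated after a short or failed read
char *ColName = new char[sqlresultAddr.l_ColName + 1]();
sqlresult.ColName = new wchar_t[sqlresultAddr.l_ColName + 1]();
SIZE_T got = 0;
if (!ReadProcessMemory(hProcess, (LPCVOID)sqlresultAddr.ColName, ColName, sqlresultAddr.l_ColName, &got))
    got = 0;
ColName[got] = '\0';
MultiByteToWideChar(CP_ACP, 0, ColName, -1, sqlresult.ColName, sqlresultAddr.l_ColName + 1);
// … unchanged: content / blob branch and cleanup …
```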
CWeChatRobot/pch.cpp
...
...
@@ -11,6 +11,18 @@ map<DWORD, short> ServiceCount;
// 当使用预编译的头时,需要使用此源文件,编译才能成功。
string
unicode_to_utf8
(
wchar_t
*
wstr
)
{
int
c_size
=
WideCharToMultiByte
(
CP_UTF8
,
0
,
wstr
,
-
1
,
NULL
,
0
,
NULL
,
false
);
char
*
buffer
=
new
char
[
c_size
+
1
];
WideCharToMultiByte
(
CP_UTF8
,
0
,
wstr
,
-
1
,
buffer
,
c_size
,
NULL
,
false
);
buffer
[
c_size
]
=
'\0'
;
string
str
(
buffer
);
delete
[]
buffer
;
buffer
=
NULL
;
return
str
;
}
BOOL
isFileExists_stat
(
string
&
name
)
{
struct
stat
buffer
;
...
...
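Review bot: `unicode_to_utf8` never checks `c_size`, so when the first WideCharToMultiByte call fails (a null `wstr`, for instance) it returns 0 and the function quietly produces an empty string, which ExecuteSQL would then pass on as the SQL text. An early `if (wstr == NULL || c_size <= 0) return string();` makes that case explicit, and callers can then reject an empty result. The last argument is an `LPBOOL` that must be null for CP_UTF8, so `NULL` reads better than `false`, which only works through a null-pointer conversion that newer compilers reject. Since the function only reads its input, `const wchar_t *wstr` would be the safer signature here and in the pch.h declaration.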
CWeChatRobot/pch.h
...
...
@@ -43,12 +43,13 @@ using namespace std;
#define TEXTLENGTH TEXTLENGTHW
#endif
BOOL
isFileExists_stat
(
string
&
name
);
BOOL
isFileExists_stat
(
string
&
name
);
DWORD
GetWeChatRobotBase
(
DWORD
pid
);
DWORD
GetWeChatWinBase
(
DWORD
pid
);
DWORD
GetWeChatPid
();
DWORD
StartRobotService
(
DWORD
pid
);
DWORD
StopRobotService
(
DWORD
pid
);
string
unicode_to_utf8
(
wchar_t
*
wstr
);
BOOL
CreateConsole
();
wstring
GetComWorkPath
();
...
...
@@ -57,5 +58,5 @@ tstring GetWeChatInstallDir();
DWORD
GetWeChatVerInt
();
tstring
GetWeChatVerStr
();
DWORD
StartWeChat
();
BOOL
CloseProcessHandle
(
DWORD
pid
,
wchar_t
*
handlename
);
DWORD
GetRemoteProcAddr
(
DWORD
pid
,
LPWSTR
modulename
,
LPSTR
procname
);
\ No newline at end of file
BOOL
CloseProcessHandle
(
DWORD
pid
,
wchar_t
*
handlename
);
DWORD
GetRemoteProcAddr
(
DWORD
pid
,
LPWSTR
modulename
,
LPSTR
procname
);
Release/CWeChatRobot.exe
无法预览此类型文件